NOTE: This charter is a snapshot of that in effect at the time of the 38th IETF Meeting in Memphis, Tennessee. It may now be out-of-date.
James Galvin <galvin@commerce.net>
Jeffrey Schiller <jis@mit.edu>
General Discussion:dns-security@tis.com
To Subscribe: dns-security-request@tis.com
Archive: ftp://ftp.tis.com/pub/lists/dns-security
The Domain Name System Security Working Group (DNSSEC) will ensure enhancements to the secure DNS protocol to protect the dynamic update operation of the DNS. Specifically, it must be possible to detect the replay of update transactions and it must be possible to order update transactions. Clock synchronization should be addressed as well as all of the dynamic update specification.
Some of the issues to be explored and resolved include:
· Scope of creation, deletion, and updates for both names and zones · Protection of names subject to dynamic update during zone transfer · Scope of KEY resource record for more specific names in wildcard scope · Use of or relationship with proposed expiration resource record
One essential assumption has been identified: data in the DNS is considered public information. This assumption means that discussions and proposals involving data confidentiality and access control are explicitly outside the scope of this working group.
Goals and Milestones:
· Mapping Autonomous Systems Number into the Domain Name System
· Secure Domain Name System Dynamic Update
· Detached Domain Name System Information
· The DNS Inverse Key Domain
Request For Comments:
|
RFC |
Status |
Title |
|
RFC2065 |
PS |
Domain Name System Security Extensions |
The Working Group did not meet.